Linux + how to give only specific user to read the file
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
lets say we want that only user tutu can read the file
/home/grafh/file.txt
what is the configuration that need to do in order to enable that?
- file owner must be stay as root ( and only user tutu can read the file )
linux files permissions group
asked Oct 29 '17 at 12:11
yael
2,0251145
add a comment |Â
up vote
3
down vote
favorite
lets say we want that only user tutu can read the file
/home/grafh/file.txt
what is the configuration that need to do in order to enable that?
- file owner must be stay as root ( and only user tutu can read the file )
linux files permissions group
asked Oct 29 '17 at 12:11
yael
2,0251145
add a comment |Â
up vote
3
down vote
favorite
up vote
3
down vote
favorite
lets say we want that only user tutu can read the file
/home/grafh/file.txt
what is the configuration that need to do in order to enable that?
- file owner must be stay as root ( and only user tutu can read the file )
linux files permissions group
asked Oct 29 '17 at 12:11
yael
2,0251145
lets say we want that only user tutu can read the file
/home/grafh/file.txt
what is the configuration that need to do in order to enable that?
- file owner must be stay as root ( and only user tutu can read the file )
linux files permissions group
asked Oct 29 '17 at 12:11
yael
2,0251145
edited Oct 29 '17 at 12:41
asked Oct 29 '17 at 12:11
yael
2,0251145
asked Oct 29 '17 at 12:11
yael
2,0251145
asked Oct 29 '17 at 12:11
yael
2,0251145
2,0251145
add a comment |Â
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
2
down vote
accepted
You have two possibilities, using the the classical DAC (Discretionary Access Control, the usual rwx rights) of using files ACL (Access Control Lists).
Using DAC permissions
If tutu has not its own group (check groups tutu output), you must create a new group and make tutu the only member of this group.
root@host:~# addgroup tutu
root@host:~# usermod -G tutu tutu
Then change the file permissions to allow read access to the members of the tutu group:
root@host:~# chgrp tutu /home/grafh/file.txt
root@host:~# chmod 640 /home/grafh/file.txt
This file will remain owned by root, but be readable (but not writeable) by tutu and not by the other other users.
Using ACL permissions
ACLs are additional rights which come in addition to the DAC permissions seen above. There are meant to solve situation which cannot be easily solved using the historical Unix DAC permission system.
To allow tutu to read the file:
root@host:~# setfacl -m u:tutu:r /home/grafh/file.txt
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
add a comment |Â
up vote
1
down vote
In order for this to work tutu must have execution access to /home/grafh.
root must execute these commands:
chown root:tutu /home/grafh/file.txt
chmod 640 /home/grafh/file.txt
This works only if there is a group tutu and the user tutu is its only member.
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
accepted
You have two possibilities, using the the classical DAC (Discretionary Access Control, the usual rwx rights) of using files ACL (Access Control Lists).
Using DAC permissions
If tutu has not its own group (check groups tutu output), you must create a new group and make tutu the only member of this group.
root@host:~# addgroup tutu
root@host:~# usermod -G tutu tutu
Then change the file permissions to allow read access to the members of the tutu group:
root@host:~# chgrp tutu /home/grafh/file.txt
root@host:~# chmod 640 /home/grafh/file.txt
This file will remain owned by root, but be readable (but not writeable) by tutu and not by the other other users.
Using ACL permissions
ACLs are additional rights which come in addition to the DAC permissions seen above. There are meant to solve situation which cannot be easily solved using the historical Unix DAC permission system.
To allow tutu to read the file:
root@host:~# setfacl -m u:tutu:r /home/grafh/file.txt
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
add a comment |Â
up vote
2
down vote
accepted
You have two possibilities, using the the classical DAC (Discretionary Access Control, the usual rwx rights) of using files ACL (Access Control Lists).
Using DAC permissions
If tutu has not its own group (check groups tutu output), you must create a new group and make tutu the only member of this group.
root@host:~# addgroup tutu
root@host:~# usermod -G tutu tutu
Then change the file permissions to allow read access to the members of the tutu group:
root@host:~# chgrp tutu /home/grafh/file.txt
root@host:~# chmod 640 /home/grafh/file.txt
This file will remain owned by root, but be readable (but not writeable) by tutu and not by the other other users.
Using ACL permissions
ACLs are additional rights which come in addition to the DAC permissions seen above. There are meant to solve situation which cannot be easily solved using the historical Unix DAC permission system.
To allow tutu to read the file:
root@host:~# setfacl -m u:tutu:r /home/grafh/file.txt
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
add a comment |Â
up vote
2
down vote
accepted
up vote
2
down vote
accepted
You have two possibilities, using the the classical DAC (Discretionary Access Control, the usual rwx rights) of using files ACL (Access Control Lists).
Using DAC permissions
If tutu has not its own group (check groups tutu output), you must create a new group and make tutu the only member of this group.
root@host:~# addgroup tutu
root@host:~# usermod -G tutu tutu
Then change the file permissions to allow read access to the members of the tutu group:
root@host:~# chgrp tutu /home/grafh/file.txt
root@host:~# chmod 640 /home/grafh/file.txt
This file will remain owned by root, but be readable (but not writeable) by tutu and not by the other other users.
Using ACL permissions
ACLs are additional rights which come in addition to the DAC permissions seen above. There are meant to solve situation which cannot be easily solved using the historical Unix DAC permission system.
To allow tutu to read the file:
root@host:~# setfacl -m u:tutu:r /home/grafh/file.txt
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
You have two possibilities, using the the classical DAC (Discretionary Access Control, the usual rwx rights) of using files ACL (Access Control Lists).
Using DAC permissions
If tutu has not its own group (check groups tutu output), you must create a new group and make tutu the only member of this group.
root@host:~# addgroup tutu
root@host:~# usermod -G tutu tutu
Then change the file permissions to allow read access to the members of the tutu group:
root@host:~# chgrp tutu /home/grafh/file.txt
root@host:~# chmod 640 /home/grafh/file.txt
This file will remain owned by root, but be readable (but not writeable) by tutu and not by the other other users.
Using ACL permissions
ACLs are additional rights which come in addition to the DAC permissions seen above. There are meant to solve situation which cannot be easily solved using the historical Unix DAC permission system.
To allow tutu to read the file:
root@host:~# setfacl -m u:tutu:r /home/grafh/file.txt
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
answered Oct 29 '17 at 12:52
WhiteWinterWolf
1,586830
1,586830
add a comment |Â
add a comment |Â
up vote
1
down vote
In order for this to work tutu must have execution access to /home/grafh.
root must execute these commands:
chown root:tutu /home/grafh/file.txt
chmod 640 /home/grafh/file.txt
This works only if there is a group tutu and the user tutu is its only member.
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
add a comment |Â
up vote
1
down vote
In order for this to work tutu must have execution access to /home/grafh.
root must execute these commands:
chown root:tutu /home/grafh/file.txt
chmod 640 /home/grafh/file.txt
This works only if there is a group tutu and the user tutu is its only member.
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
add a comment |Â
up vote
1
down vote
up vote
1
down vote
In order for this to work tutu must have execution access to /home/grafh.
root must execute these commands:
chown root:tutu /home/grafh/file.txt
chmod 640 /home/grafh/file.txt
This works only if there is a group tutu and the user tutu is its only member.
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
In order for this to work tutu must have execution access to /home/grafh.
root must execute these commands:
chown root:tutu /home/grafh/file.txt
chmod 640 /home/grafh/file.txt
This works only if there is a group tutu and the user tutu is its only member.
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
edited Oct 29 '17 at 12:40
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
answered Oct 29 '17 at 12:16
Hauke Laging
53.6k1282130
53.6k1282130
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
add a comment |Â
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
I forget to tell you that owner must be stay as root , so we need other solution
– yael
Oct 29 '17 at 12:26
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f401207%2flinux-how-to-give-only-specific-user-to-read-the-file%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
